Difference between revisions of "AFSecurity Seminar"

From mn/ifi/AFSecurity
Jump to: navigation, search
Line 1: Line 1:
== 5G Security & Challenges ==
+
== Embedded-Device Forensics ==
  
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 
|-
 
|-
| '''DATE:'''&nbsp; Tuesday 10 September 2019<br />
+
| '''TIME:'''&nbsp; 10:00h, Friday 4 October 2019<br />'''PLACE:'''&nbsp;  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House<br /><br />'''AGENDA:'''<br />
'''PLACE:'''&nbsp;  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House . <br /><br />
+
10:00h Welcom at UiO<br />10:15h Invited Talk:
'''AGENDA:'''<br />
 
14:00h Welcom at UiO<br /><br />14:15h Invited Talk:
 
 
| [[File:Logo-SINTEF.png|300px|link=https://sintef.no/]]
 
| [[File:Logo-SINTEF.png|300px|link=https://sintef.no/]]
 
|}
 
|}
* '''TALK:''' &nbsp;''5G Security &amp; Challenges''<br />'''SPEAKER:''' ''Ravi Borgaonkar'' (SINTEF) &nbsp; <br />'''ABSTRACT:'''  5G networks promise to transform industries and our digital society by providing enhanced capacity, higher data rates, lower battery for machine-type devices, higher availability and reduced power consumption. In a way, 5G will act as a vehicle to drive much needed digital transformation race and will push the world into the information age. In addition, 5G can be used to replace the existing emergency communication network infrastructures. However, with a higher speed and low latency, higher bandwidth availability attacks and attack surface will also be increased. In addition, in coming years, 5G may become the national critical infrastructure itself, thereby requiring new requirements, regulations, and policies to safeguard the national security interests.  In this talk, we visit 5G security architecture &amp; outline potential security challenges in deployed networks. We use previously known and severe telecom security attacks examples to demonstrate potential risks of 5G. Finally, the talk will cover future research directions to minimize security risks to build 5G enabled information transportation superhighways.
+
* '''TALK:''' &nbsp;''Case Studies in Invasive Embedded Device Forensics: Evidence Extraction and Firmware Verification''<br />'''SPEAKER:''' ''Sujeet Shenoi'' (University of Tulsa, USA) &nbsp; <br />'''ABSTRACT:'''  This presentation describes various electronic, physical and chemical techniques for extracting data and firmware from embedded devices.  The techniques range from basic non-invasive techniques to sophisticated invasive techniques using chip desoldering and chemical etching or laser ablation to expose bond wires inside chip packages and extract data.   Several case studies related to evidence extraction from embedded devices are presented. Also, case studies dealing with the extraction and verification of firmware in suspected supply chain compromises are presented.
 +
 
 +
11:00h Discussion<br />
 +
 
 +
== Threat of Open-Source Intelligence ==
 +
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 +
|-
 +
| '''TIME:'''&nbsp; 14:00h, Friday 4 October 2019<br />'''PLACE:'''&nbsp;  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House<br /><br />'''AGENDA:'''<br />
 +
14:00h Welcom at UiO<br />
 +
14:15h Invited Talk:
 +
| [[File:Logo-SINTEF.png|300px|link=https://sintef.no/]]
 +
|}
 +
* '''TALK:''' &nbsp;''How Open-Source Intelligence is Used to Attack Critical Infrastructure Assets''<br />'''SPEAKER:''' ''Sujeet Shenoi'' (University of Tulsa, USA) &nbsp; <br />'''ABSTRACT:'''  This case-study-based presentation demonstrates how open-source information can be collected and leveraged to attack critical infrastructure assets. The case studies include the Stuxnet malware, information operations on an offshore oil and gas platform and a cyber and physical penetration of a financial entity.
  
 
15:00h Discussion<br />
 
15:00h Discussion<br />
 +
  
  
 
'''SPEAKER BIO''' <br/>
 
'''SPEAKER BIO''' <br/>
Dr. Ravishankar Borgaonkar works as a research scientist at SINTEF Digital and undertakes research in securing next generation digital communication. He holds a PhD in telecommunication security area from Technischen Universität Berlin (TU Berlin, 2013). His primary research themes are related to mobile telecommunication networks and security threats for the next generation of digital communication, ranging from 2G/3G/4G/5G network security to end-user device security. He has extensive experience as a security researcher (Deutsche Telekom's lab, Intel Collaborative Research Institute for Secure Computing at Aalto University, University of Oxford), focusing lately on 5G security research.
+
Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a Professor of Chemical Engineering at the University of Tulsa, Tulsa, Oklahoma; and a member of the technical staff at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. An active researcher with specialties in cyber security, cyber operations, critical infrastructure protection and digital forensics, Dr. Shenoi works on exciting “problems” ranging from helping solve homicides to penetrating telecommunications systems, oil and gas pipelines, wind farms and voting machines. Dr. Shenoi is the Editor-in-Chief of the International Journal of Critical Infrastructure Protection (Elsevier); and Editor of the Advances in Digital Forensics and Critical Infrastructure Protection (Springer) series, now in their thirteenth and eleventh volumes, respectively. He spearheads the University of Tulsa's elite Cyber Corps Program that trains “MacGyvers” for U.S. government agencies, and is the Director of the Cyber Security Education Consortium, a National Science Foundation ATE Center that is building a high-tech workforce in the Southwestern United States. For his innovative strategies integrating academics, research and service, Dr. Shenoi was named the 1998-1999 U.S. Professor of the Year by the Carnegie Foundation.
 
{| border="0" cellpadding="1" cellspacing="1" width="90%"
 
{| border="0" cellpadding="1" cellspacing="1" width="90%"
 
|-
 
|-

Revision as of 16:35, 27 September 2019

Embedded-Device Forensics

TIME:  10:00h, Friday 4 October 2019
PLACE:  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House

AGENDA:

10:00h Welcom at UiO
10:15h Invited Talk:

Logo-SINTEF.png
  • TALK:  Case Studies in Invasive Embedded Device Forensics: Evidence Extraction and Firmware Verification
    SPEAKER: Sujeet Shenoi (University of Tulsa, USA)  
    ABSTRACT: This presentation describes various electronic, physical and chemical techniques for extracting data and firmware from embedded devices. The techniques range from basic non-invasive techniques to sophisticated invasive techniques using chip desoldering and chemical etching or laser ablation to expose bond wires inside chip packages and extract data. Several case studies related to evidence extraction from embedded devices are presented. Also, case studies dealing with the extraction and verification of firmware in suspected supply chain compromises are presented.

11:00h Discussion

Threat of Open-Source Intelligence

TIME:  14:00h, Friday 4 October 2019
PLACE:  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House

AGENDA:

14:00h Welcom at UiO
14:15h Invited Talk:

Logo-SINTEF.png
  • TALK:  How Open-Source Intelligence is Used to Attack Critical Infrastructure Assets
    SPEAKER: Sujeet Shenoi (University of Tulsa, USA)  
    ABSTRACT: This case-study-based presentation demonstrates how open-source information can be collected and leveraged to attack critical infrastructure assets. The case studies include the Stuxnet malware, information operations on an offshore oil and gas platform and a cyber and physical penetration of a financial entity.

15:00h Discussion


SPEAKER BIO
Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a Professor of Chemical Engineering at the University of Tulsa, Tulsa, Oklahoma; and a member of the technical staff at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. An active researcher with specialties in cyber security, cyber operations, critical infrastructure protection and digital forensics, Dr. Shenoi works on exciting “problems” ranging from helping solve homicides to penetrating telecommunications systems, oil and gas pipelines, wind farms and voting machines. Dr. Shenoi is the Editor-in-Chief of the International Journal of Critical Infrastructure Protection (Elsevier); and Editor of the Advances in Digital Forensics and Critical Infrastructure Protection (Springer) series, now in their thirteenth and eleventh volumes, respectively. He spearheads the University of Tulsa's elite Cyber Corps Program that trains “MacGyvers” for U.S. government agencies, and is the Director of the Cyber Security Education Consortium, a National Science Foundation ATE Center that is building a high-tech workforce in the Southwestern United States. For his innovative strategies integrating academics, research and service, Dr. Shenoi was named the 1998-1999 U.S. Professor of the Year by the Carnegie Foundation.

AFSecurity-small.png AFSecurity is organised by the UiO Research Group on Information & Cyber Security Sec-uio-light-1000.png